package com.hongkzh.www.conmon;

import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;
import com.jfinal.kit.PropKit;
import com.jfinal.plugin.activerecord.Record;

public class StsService{
    public static Record getToken(String u){
        String  key="aliyunvid-"+u;
        Record response=null;
        response =(Record)RedisTool.getObject(key);
        if(null!=response){
            return response;
        }
        response=new Record();
        //sts.cn-beijing.aliyuncs.com
        //sts.aliyuncs.com
        String endpoint = "sts.cn-beijing.aliyuncs.com";
        String accessKeyId = PropKit.get("ali.vod.AccessKeyId");
        String accessKeySecret = PropKit.get("ali.vod.AccessKeySecret");
        String roleArn =  PropKit.get("ali.vod.roleArn");
        String roleSessionName = "session-name";
        String policy="{\n" +
                "  \"Version\": \"1\",\n" +
                "  \"Statement\": [\n" +
                "    {\n" +
                "      \"Action\": \"vod:*\",\n" +
                "      \"Resource\": \"*\",\n" +
                "      \"Effect\": \"Allow\"\n" +
                "    }\n" +
                "  ]\n" +
                "}";
        /*String policy = "{\n" +
                "    \"Version\": \"1\", \n" +
                "    \"Statement\": [\n" +
                "        {\n" +
                "            \"Action\": [\n" +
                "                \"oss:*\"\n" +
                "            ], \n" +
                "            \"Resource\": [\n" +
                "                \"acs:oss:*:*:*\" \n" +
                "            ], \n" +
                "            \"Effect\": \"Allow\"\n" +
                "        }\n" +
                "    ]\n" +
                "}";*/
        try {
            // 添加endpoint（直接使用STS endpoint，前两个参数留空，无需添加region ID）
            DefaultProfile.addEndpoint("", "", "Sts", endpoint);
            // 构造default profile（参数留空，无需添加region ID）
            IClientProfile profile = DefaultProfile.getProfile("", accessKeyId, accessKeySecret);
            // 用profile构造client
            DefaultAcsClient client = new DefaultAcsClient(profile);
            final AssumeRoleRequest request = new AssumeRoleRequest();
            request.setMethod(MethodType.POST);
            request.setRoleArn(roleArn);
            request.setRoleSessionName(roleSessionName);
            request.setPolicy(policy); // Optional
            request.setDurationSeconds(60*60L);
              AssumeRoleResponse.Credentials a= client.getAcsResponse(request).getCredentials();
            response.set("accessKeyId",a.getAccessKeyId());
            response.set("accessKeySecret",a.getAccessKeySecret());
            response.set("expiration",a.getExpiration());
            response.set("securityToken",a.getSecurityToken());
            } catch (ClientException e) {
            System.out.println("Failed：");
            System.out.println("Error code: " + e.getErrCode());
            System.out.println("Error message: " + e.getErrMsg());
            System.out.println("RequestId: " + e.getRequestId());
                throw new BusinessException("获取配置失败");
            }
            RedisTool.setexObject(key,60*60,response);
            return  response;
    }


    public static void main(String[] args) {
        /*Record response=getToken("0");
            System.out.println("Expiration: " + response.getExpiration());
            System.out.println("Access Key Id: " + response.getAccessKeyId());
            System.out.println("Access Key Secret: " + response.getAccessKeySecret());
            System.out.println("Security Token: " + response.getSecurityToken());*/


    }
}
